Answer the question
In order to leave comments, you need to log in
A
A
agent11562016-09-10 11:11:56
agent1156, 2016-09-10 11:11:56
How to remove CRUD?
I go to the admin panel, shows a list from the database. View works update works, I click on fish and bad request (#400) pops up WHY ?
public function actionDelete($id)
{
$this->findModel($id)->delete();
return $this->redirect(['index']);
}
3 answer(s)
@Akdmeh
@bitver
A
Andrey Pavlenko, 2016-09-10 @Akdmeh
Because in CRUD it is worth deleting only by the POST method (look at the generator example, you can see in what format the link should be in order to delete the request). This is made from CSRF attacks.
What to do?
1) Or follow only the link that makes an AJAX delete request (see the standard code after the generator)
2) Remove the behavior VerbFilter, but this is very undesirable, as it reduces the security of the application
N
Nikita, 2016-09-10 @bitver
You only have post permission for deletion, so links should send a post request.
If you do it through get, then the first search engine will delete everything nafig, as it will follow these links. (if there is open access)
Similar questions
B
A
E
F
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question